Thank you to everyone who attended the Virtual CISO 360 Fireside Chat
16 July 2020
Balancing security and productivity – Operationalising least privilege. How are CISOs pragmatically reducing risks and improving productivity?
*There is no cost to attend for in-house practitioners, CISOS, CIOs, Developers, Heads of Architecture, Networks, Applications, Identity…
You are invited to attend this special Fireside Chat that will be hosted on Thursday 16 July. During the discussion you will benchmark capabilities with peers on how to manage identity in a productive way.
Striking the balance between enabling users and administrators to be productive whilst protecting your sensitive systems and data is becoming ever more challenging. Attackers are often one step ahead of organisations, and even those with the most comprehensive security systems and controls in place find that an attacker will discover and exploit their Achilles Heel.
This live broadcast fireside chat will enable you to compare practical steps to successfully deploy tried and tested best practices and foundational security controls to secure systems and data against the most pervasive attacks. You will hear tips to successfully implement a strategy of least privilege, allowing you to eliminate unnecessary privileges and elevate rights across multi platforms and networked devices without hindering end-user productivity, firmly shutting the door on attackers.
Agenda
Questions to keep the agenda moving forward at a pace!
- Strategy
- What are the risk drivers of least privilege and how have these recently changed?
- What are the benefits and challenges of implementing least privilege as part of your identity management strategy?
- How can we simplify segmentation projects?
- Why People (and underlying culture), Process and Technology perspectives are critical success factors to successful implementation?
2. Risk and Productivity – Your Top Challenges
(Input by participants)
- How can we pragmatically reduce risks and improve productivity?
- Enterprise mobility – reduced social interaction and team work during isolation, economic impact of COVID
- Collecting the right data fast enough, analysing it and turning it into a story to convince the board to part with money whilst also doing the day job
- Migration of legacy applications whilst keeping a good security hygiene
- Minimising attack surface – what works, what doesn’t
- Containing malware propagation and other proven ways to achieve cyber resilience / better stability
- What other solutions/technologies do people often consider when scoping a Least Privilege project – how do they compare? Are there any viable alternatives?
- How can a zero trust strategy adversely affect efficiencies/productivity?
3. Control Framework
- What are industry recommended foundational security controls?
- How, if implemented, can these help you achieve least privilege?
- Conversely, how can least privilege help compliment other controls and further reduce risk?
- What are best practice audit measures and good KPIs?
Hear from fellow CISOs what approaches are available, what works, what doesn’t and predictions about the future of zero trust, identity and access management!
Hosted by Pulse Conferences, sponsored by BeyondTrust, the core objective of this discussion is to connect peers for an energetic debate on the practical approaches, realities, challenges and successes.
Please see the approximate timings below for this very special event.
This is not a webinar, it is a live and interactive broadcast. As a guest, you are invited to ask questions, participate in live polls and if you wish, you can even ‘Spotlight’ on the screen to contribute insights face to face!
We look forward to seeing you on Thursday 16 July for what promises to be an educational, memorable – as well as entertaining – discussion with peers!
Yours sincerely,
Team Pulse
Timings
The below agenda provides a guidance.
| 12:30 – 12:33 | Digital House-Keeping and Guest Welcome Master of Ceremonies: Clive Room, Director, Pulse Conferences |
| 12:33-12:35 | Chairman’s Introduction |
| 12:35 – 13:45 | Fireside Chat Discussion: All participants contribute to the discussion with live polling, questions and on screen invitations throughout. Balancing security and productivity – Operationalising least privilege. How are CISOs pragmatically reducing risks and improving productivity?
Chaired by: Marcus Alldrick, CISO Luminary |
| 13:50 – 14:00 | Summaries and Goodbyes |
Sponsored by
Hosted by
Chaired by
Marcus Alldrick, Digital Risk Management, Security and Compliance Advisor
Born at a very early age and growing up in a culture where cyber was a prefix for anything automated, menacing and malevolent (how history has a tendency of repeating itself), Marcus entered the world of Data Processing as it was known back then after graduating from university. Progressing from programming into analysis and then data architecture Marcus became the first devolved Information Risk and Security Manager for Barclaycard. After seven years in that role he moved banks and became Head of Information Security for Abbey National plc, now Santander UK. After six years at Abbey and a move into consulting for a large UK utilities company Marcus joined KPMG as a Principal Advisor. Eighteen months later he joined Lloyd’s of London as its CISO and subsequently became its Head of Digital Risk Management and Compliance, also embracing responsibility for data protection and privacy, during his 10 years tenure there. Having worked in IT for over 40 years, specialising in information risk, protection, security and compliance for the latter 27 years or so, Marcus decided to leave full-time corporate life and move to the South Coast of England in mid-2017, ever the seafaring Fisherman’s Friend. As well as being a proud member of the Pulse Conferences family, Marcus now provides pro bono advisory and volunteering services and is a guest lecturer at the University of Portsmouth.
About the Speakers
Karl Lankford, Director, Solutions Engineering, BeyondTrust
Karl is the Director, Solutions Engineering, for BeyondTrust, where he has worked for 6 years. A highly capable security leader, Karl has acquired a wide range of security experience and knowledge over the last decade, working across multiple industries. Karl is a regular speaker at industry conferences, delivering disruptive technical and strategic thought-leadership insight to the international cybersecurity community.
Joe Hancock, Head of Cyber, Mishcon de Reya
Joe is Partner and the Head of Cyber at MDR Cyber. He focuses on providing strategic cyber advice, helping organisations to develop and optimise their investments in cyber risk management, and protect their reputation and stakeholders. Joe has a wide range of expertise in cyber risk and security, data protection and resilience, with first-hand experience of some of the UK’s largest cyber incidents. Through a variety of consulting roles he has helped organisations prepare for cyber breaches and data loss events across global sectors including: Energy, Retail, Defence and Financial Services as well as for government. Joe is a recognised industry expert in emerging areas such as Operational Technology Security and Cyber Insurance. He began his career in the Defence and National Security sector and was one of the first cyber specialists in the Lloyds insurance market, supporting the underwriting of cyber risks. Joe is a mentor for the start ups taking part in MDR LAB.
Master of Ceremonies
Clive Room, Director, Pulse Conferences
Clive has worked as a marketeer within cybersecurity since 2000. As the Marketing Manager at Portcullis Computer Security he organised all their bespoke events from seminars to hospitality events like the famous Portcullis Arms during Infosec. He was also responsible for their involvement with conferences and exhibitions all over Europe. His experience in promoting and presenting at cyber security events is matched by his passion for helping people understand the critical importance of mitigating the risks and protecting themselves and their organisations from cybercrime. He believes that in terms of reputational damage and operational costs, security breaches should be a key concern of everyone from the ground floor worker up to board and director level. Clive was Chairman of The White Hat Committee, the charity for the information security industry, which raises money for ChildLine and Barnardo’s throughout the year. This January’s White Hat Ball was the most successful to date raising over two hundred thousand pounds and the next White Hat Car Rally is in September. Clive is proud to be a part of the dynamic team bringing CISO 360 Congress to the marketplace as a game changer in cybersecurity events.
About the Sponsor
BeyondTrust is the worldwide leader in Privileged Access Management (PAM), empowering organizations to secure and manage their entire universe of privileges. Our integrated products and platform offer the industry’s most advanced PAM solution, enabling organizations to quickly shrink their attack surface across traditional, cloud and hybrid environments. The BeyondTrust Universal Privilege Management approach secures and protects privileges across passwords, endpoints, and access, giving organizations the visibility and control they need to reduce risk, achieve compliance, and boost operational performance. Our products enable the right level of privileges for just the time needed, creating a frictionless experience for users that enhances productivity. With a heritage of innovation and a staunch commitment to customers, BeyondTrust solutions are easy to deploy, manage, and scale as businesses evolve. We are trusted by 20,000 customers, including 70 percent of the Fortune 500, and a global partner network.